Customer data stolen as US banks including JP Morgan hit by cybertheft

Nicole Perloth

A number of US banks, including JPMorgan Chase and at least four others, were struck by hackers in a series of coordinated attacks this month, according to four people familiar with a continuing investigation into the crimes.

The hackers infiltrated the networks of the banks, siphoning off gigabytes of data, including cheque and savings account information, in what security experts described as a sophisticated cyberattack.

JPMorgan Chase & Co is one of a number of US banks hit by what authorities say are co-ordinated cyber attacks. Photo: Reuters

The motivation and origin of the attacks are not yet clear, according to investigators. The FBI is involved in the investigation, and in the past few weeks a number of security firms have been brought in to conduct forensic studies of the penetrated computer networks.

According to two other people briefed on the matter, hackers infiltrated the computer networks of some banks and stole cheque and savings account information from clients. It was not clear whether the attacks were financially motivated, or they were collecting intelligence as part of an espionage effort.

JPMorgan has not seen any increased fraud levels, one person familiar with the situation said.

J. Peter Donald, an FBI spokesman in New York, declined to comment, citing the current investigation.

The intrusions were first reported by Bloomberg, which indicated that they were the work of Russian hackers. But security experts and government officials said they had not yet made that conclusion.

Earlier this year, iSight Partners, a Dallas-based security firm that provides intelligence on online threats, warned companies that they should be prepared for cyberattacks from Russia in retaliation for Western economic sanctions.

But Adam Meyers, the head of threat intelligence at CrowdStrike, a security firm that works with JPMorgan and other banks, said that it would be "premature" to suggest the attacks were motivated by sanctions. Meyers said he could not speak specifically about JPMorgan or any of his company's clients.

The recent hacks against the American banks were not intended to disrupt the bank's services but appeared to be part of a financial or intelligence-gathering effort, three people briefed on the investigations said.

Meyers said hackers could have been after account information, or even intelligence about a potential merger or acquisition. Security experts said the hackers chose to pursue account information, not disruption, which is the earmark of state-sponsored attacks.

Because JPMorgan had not seen any unusual incidences of fraud, however, it was too early to conclude that the attacks were solely financially motivated.